package com.dk.controller;
import com.dk.constant.RedisLonginConstant;
import com.dk.pojo.UUser;
import com.dk.service.LogenService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;

@Controller
@RequestMapping("logenController")
public class LogenController {
    @Autowired
    private RedisTemplate redisTemplate;

    @Autowired
    private LogenService logenService;

    @RequestMapping("listGet")
    @ResponseBody
    public Map<String,Object> listGet(String uname, String password, HttpServletRequest request,String vcode){//,String vcode


        Map<String,Object> result = null;

        HttpSession session = request.getSession();
        String code = (String)session.getAttribute("code");
       if(vcode == null || "".equals(vcode) || !vcode.equalsIgnoreCase(code)) {
            result = new HashMap<>();
            result.put("message","验证码不正确");
            result.put("code",false);
            return result;
        }

        UUser tUser = logenService.listGet(uname);

       if(tUser == null){
            result = new HashMap<>();
            result.put("message","用户名不存在");
            result.put("code",false);
            return result;
        }

        //1.判断用户是否被限制登录(如果没有被限制)
        if(!redisTemplate.hasKey(RedisLonginConstant.USER_LOGINTIME_LOCK + uname)){
            //2.判断密码是否正确     !MD5Utils.validPassword(password,tUser.getPassword()
            if(password == null || !password.equals(tUser.getPassword())){//密码错误
                //2.2.1判断是否是第一次输入密码错误，查看次数key是否存在
                if(!redisTemplate.hasKey(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname)){//判断是否存在，不存在说明就是第一次
                    //第一次输入错误
                    //给redis的key赋值1，并且设置有效时间为2分钟
                    redisTemplate.boundValueOps(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname).set("1");
                    //，并且设置有效时间为2分钟
                    redisTemplate.expire(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname,2, TimeUnit.MINUTES);
                    result = new HashMap<>();
                    result.put("message","密码输入错误，在2分钟内，您还可以输入次数为4次");
                    result.put("code",false);
                    return result;

                }else {//不是第一次输入错误

                    //查询redis中错误次数
                    Long count = Long.parseLong(redisTemplate.boundValueOps(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname).get() +"");

                    //判断错误次数有没有达到上限次数
                    if(count.intValue() < 4){

                        //没有超过错误次数自增1
                        redisTemplate.boundValueOps(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname).increment(1);

                        //获取剩余时间
                        Long expire = redisTemplate.getExpire(RedisLonginConstant.USER_LONGINCOUNT_ERROR + uname, TimeUnit.SECONDS);

                        result = new HashMap<>();
                        result.put("message","密码输入错误，在"+expire+"秒内，您还可以输入次数为"+ (4-count) +"次");
                        result.put("code",false);
                        return result;


                    }else {
                        //如果超过了错误次数，将限制登录的key保存到redis中，并设置时间为1小时
                        redisTemplate.boundValueOps(RedisLonginConstant.USER_LOGINTIME_LOCK +uname).set(uname);
                        //并设置时间为1小时
                        redisTemplate.expire(RedisLonginConstant.USER_LOGINTIME_LOCK + uname,1,TimeUnit.HOURS);
                        result = new HashMap<>();
                        result.put("message","由于错误次数太多被限制冻结1小时");
                        result.put("code",false);
                        return result;
                    }
                }
            }else {//密码正确
                //登录成功，清除错误次数的key

                session.setAttribute("tUser",tUser);
                result = new HashMap<>();
                //清除错误次数的key
                redisTemplate.delete(RedisLonginConstant.USER_LOGINTIME_LOCK + uname);
                result.put("message","登录成功");
                result.put("code",true);
                return result;

            }

        }else {//1.2如果被限制
            //提示用户由于登录次数太多，限制登录xx分钟
            Long min = redisTemplate.getExpire(RedisLonginConstant.USER_LOGINTIME_LOCK + uname, TimeUnit.MINUTES);
            result = new HashMap<>();
            result.put("message","由于错误次数太多被限制冻结"+ min +"分钟");
            result.put("code",false);
            return result;
        }

    }
}
